Particularly in the field of medical engineering technology, it is therefore an essential requirement to protect the access to security-critical data against unauthorized access. In modern systems which allow access via the internet, this represents a significant source of risk. Unauthorized users can illegally listen in to messages between the individual electronic modules (transmitters, receivers), and this can usually be achieved without great effort or expense. On one hand the access to this data must therefore satisfy strict security requirements. On the other hand the system must be as flexible as possible, allowing use with the web and access from e.g. remote medical workstations, and it must be possible for individual electronic entities to be connected up to the system at any time. In addition, a large group of users, applications and distributed databases must be managed. The large volume of data to be stored must also be taken into consideration when designing security systems.
Protection of electronic data records against unauthorized access is disclosed in the prior art. Encryption systems are known which can be applied both to the storage (e.g. to the hard disks of the computer) and to the communication between the network users. In the context of encryption systems, in which the communications (i.e. the exchanged messages) are encrypted, it is known in the prior art to perform the decryption on the receiver side in each case. This represents a security risk to the extent that it is essentially possible for an unauthorized user to intercept the message (albeit in encrypted format) and process it in some way in an unauthorized manner, corrupt it or forward it without authorization. The prior art also discloses the provision of indices for searching, in order to allow access to data records within a large data resource. However, no provision is made for an approach whereby security-critical personal data can be secured.